When EU’s General Data Protection Regulation (GDPR) enters into force, this data protection information will replace our previous register descriptions. In accordance with the GDPR, we wish to inform those who use our services and website (below “customer”) of the manner in which we process personal information in a concise, transparent, easily understandable manner, by using clear and simple language. If you have any questions about the information presented below or the manner in which we take care of data protection, please do not hesitate to contact us.
Espoon Seudun Uusyrityskeskus ry (ESUYK in the following)A Grid, Otakaari 5 A, 02150 EspooBusiness ID 0951711-0Tel. 010 33 66 550.
You can send any questions regarding this document to our data protection contact person Päivi Lahtelin-Laine, for contact information see www.espoonuusyrityskeskus.fi.
We process personal information about our customers for different purposes and therefore partly in different registers.
We process personal information primarily in order to take care our customer relations but for reporting and statistics as well and for informing about our operations and for their marketing. We process information in order to fulfil a contract (business consultancy), our legal obligations, based on legitimate interest (reporting and statistics) and based on consent (marketing). We may also send our customers customer feedback enquiries, the results of which we use in order to develop our operations.
As a whole, it can be said that our legitimate interest above all deals with spreading information about our operations, the development of our operations and the maintenance of well-functioning co-operation networks.
When offering advice on establishing a company, we may process the following information about our customers:
Business concept/Business ID
The above mentioned information will be entered in the Ajas system, when an appointment is booked. From there it will be transferred to the Hakosalo customer information system.
When meeting the customer for the first time, we will add the following information to our register:
Year of birth
Where has the customer heard of EnterpriseEspoo’s services
If the company is already operational, its business ID, registration date and contact information, which are transferred automatically from the Business Information System (YTJ).
In addition, we make notes about the meeting with the customer and the business concept, any expert sources and the customer’s business plan.
Customers register for ESUYK’s events through the Lyyti service, which may also be used for communications about events. In connection with the registration, we ask the customer’s name, e-mail address and possibly information about special diets and other details in connection with the event that are necessary for arranging it. We may request feedback about the event by e-mail, the Lyyti system or with some other corresponding tool. It is also possible to register for some of the events directly, for example by sending e-mail to our customer advisor.
We basically get the information that we process from the customer. On the other hand, e.g. our personnel uses public sources of information when necessary (e.g. Finnish Patent and Registration Office (PRH) and YTJ). If the customer already has a business ID, the information about the company (registration date, contact information and standard industry classification) is transferred to our systems from the YTJ. When a customer has established or wound up a company, said information is transferred to our registers from the Trade Register maintained by PRH. When necessary, we receive information (and inform the customer about this) from different interest groups (e.g. TE Offices, Finnvera and our experts).
If the customer so wishes, he or she may give consent to becoming member of a local association of the Federation of Finnish Enterprises, in which case customer information is transferred to the Federation of Finnish Enterprises.
In addition, information and the business concept may be processed for taking measures that the customer’s needs call for together with the TE Office, Finnvera, our experts or other corresponding actors.
We use our service providers’ systems in order to serve our customers. Consequently, our customers’ information may be processed at least in the following services: Ajas (booking appointments), Hakosalo (customer information system), Questback (customer feedback), Postiviidakko (newsletter) and Lyyti (registration for events, remainders and feedback inquiries).
We do not transfer information outside the EU or EEA.
If the customers so wish, they may join ESUYK’s mailing list either by giving a written consent on the customer information form or by joining the mailing list through a link on our website. If a person living in the ESUYK’s main area of operation (Espoo and Kauniainen) has downloaded the Entrepreneur Guide from the www.perustamisopas.fi website and given a marketing consent, his or her e-mail address is added to ESUYK’s mailing list. The newsletter on matters and events pertaining to entrepreneurship is sent to our customers through the Postiviidakko service. We may occasionally also send other material on entrepreneurship to our customers by mail. You can leave the electronic mailing list whenever you wish to do so though the link at the end of the newsletter or by informing ESUYK of this (and thereby object to the processing of information for electronic direct marketing purposes).
We process personal information based on the purpose of its use and the time needed. We wish to remind that, e.g. the reporting and statistics obligations that bind us may require the storing of data even after business consultancy has ended. In addition, the customers should understand that we may, as necessary, save information that is essential with regard to statistics in such a manner that the customer may not directly or indirectly be identified on the basis of it.
The main principle is that we process our customers’ personal information in protected information systems, where the right of use requires, e.g. a user ID and a password. User rights are granted to persons who are employed by the controller and to whose position and tasks said right is related. When using electronic communications (e.g. e-mail), we take the required measures for securing a sufficient data protection level. We store our customer information forms in locked premises.
Right of access to the personal information:
Right to correct information:
Right to erase information:
Right to restrict processing:
Right to object:
Right to transfer information between systems:
Even though we try to act in accordance with the GDPR, for instance, a customer may always contact our Data Protection Officer or lodge a complaint with the supervisory authority.
When collecting information, we try to explain to our customers which information is voluntary and which information is compulsory. Basically, at least the information listed above is necessary for us so that we can provide business consultancy or other services (in order to fulfil the obligations based on contract or law).
We do not use personal information for automatic decision-making (including profiling).